2026-02-05 01:29:22 +03:00
parent ae24c17f50
commit 80dcf4d04a
30 changed files with 14275 additions and 0 deletions

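--- a/verify_auth.ts
+++ b/verify_auth.ts
@@ -0,0 +1,106 @@
+import dotenv from "dotenv";
+dotenv.config();
+const API_URL = 'http://localhost:3001/api';
+async function testAuth() {
+console.log("🚀 Starting Authentication Verification...");
+// Helper to sleep
+const sleep = (ms: number) => new Promise(r => setTimeout(r, ms));
+// GENERATE RANDOM USERS
+const userA = { email: `userA_${Date.now()}@test.com`, password: 'password123' };
+const userB = { email: `userB_${Date.now()}@test.com`, password: 'password123' };
+let tokenA = '';
+let tokenB = '';
+try {
+// 1. REGISTER USER A
+console.log(`\n👤 Registering User A: ${userA.email}`);
+const regA = await fetch(`${API_URL}/auth/register`, {
+method: 'POST',
+headers: { 'Content-Type': 'application/json' },
+body: JSON.stringify({ ...userA, apiKey: process.env.GEMINI_API_KEY, termsAccepted: true })
+});
+const dataA = await regA.json() as any;
+if (!regA.ok) throw new Error(`User A Register Failed: ${JSON.stringify(dataA)}`);
+tokenA = dataA.token;
+console.log("✅ User A Registered & Token Received");
+// 2. REGISTER USER B
+console.log(`\n👤 Registering User B: ${userB.email}`);
+const regB = await fetch(`${API_URL}/auth/register`, {
+method: 'POST',
+headers: { 'Content-Type': 'application/json' },
+body: JSON.stringify({ ...userB, apiKey: process.env.GEMINI_API_KEY, termsAccepted: true })
+});
+const dataB = await regB.json() as any;
+if (!regB.ok) throw new Error(`User B Register Failed: ${JSON.stringify(dataB)}`);
+tokenB = dataB.token;
+console.log("✅ User B Registered & Token Received");
+// 3. CREATE PROJECT AS USER A
+console.log("\n🎨 User A creating project 'My Private Art'");
+const projA = await fetch(`${API_URL}/projects`, {
+method: 'POST',
+headers: {
+'Content-Type': 'application/json',
+'Authorization': `Bearer ${tokenA}`
+},
+body: JSON.stringify({
+niche: "Abstract Blue Shapes",
+productType: "Wall Art",
+creativity: "Balanced",
+aspectRatio: "3:4",
+referenceImages: []
+})
+});
+const projDataA = await projA.json() as any;
+if (!projA.ok) throw new Error(`Project Creation Failed: ${JSON.stringify(projDataA)}`);
+console.log("✅ User A Project Created");
+// 4. VERIFY USER B CANNOT SEE USER A's PROJECT
+console.log("\n🕵 User B attempting to view projects...");
+const getB = await fetch(`${API_URL}/projects`, {
+method: 'GET',
+headers: { 'Authorization': `Bearer ${tokenB}` }
+});
+const getDataB = await getB.json() as any;
+const projectsB = getDataB.projects || [];
+console.log(` User B sees ${projectsB.length} projects.`);
+if (projectsB.length === 0) {
+console.log("✅ SUCCESS: User B sees 0 projects.");
+} else {
+console.error("❌ FAILURE: User B sees projects they shouldn't!");
+console.error(projectsB);
+}
+// 5. VERIFY USER A CAN SEE THEIR PROJECT
+console.log("\n🕵 User A attempting to view projects...");
+const getA = await fetch(`${API_URL}/projects`, {
+method: 'GET',
+headers: { 'Authorization': `Bearer ${tokenA}` }
+});
+const getDataA = await getA.json() as any;
+const projectsA = getDataA.projects || [];
+console.log(` User A sees ${projectsA.length} projects.`);
+if (projectsA.length >= 1) {
+console.log("✅ SUCCESS: User A sees their project.");
+} else {
+console.error("❌ FAILURE: User A cannot see their project!");
+}
+console.log("\n🎉 AUTHENTICATION & RBAC VERIFICATION COMPLETE!");
+} catch (error) {
+console.error("\n❌ VERIFICATION FAILED:", error);
+}
+}
+testAuth();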
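Review bot: The cross-user check in step 4 can report SUCCESS without proving isolation, because `getB.ok` is never tested: a 401 or 500 whose body has no `projects` field falls through `getDataB.projects || []` to an empty list. Add `if (!getB.ok) throw new Error("User B list failed: " + getB.status);` before reading the list, and the same guard for `getA` in step 5. The FAILURE branches and the `catch` only log, so the process still exits 0 and the "VERIFICATION COMPLETE" banner prints after a failed check; set `process.exitCode = 1` in those paths so a CI run cannot pass on a broken tenant boundary. Only the list endpoint is exercised and the response in `projDataA` is never used, so reading User A's project by its identifier with `tokenB` is not covered; presumably a by-id route exists, and if so it deserves its own assertion expecting 403 or 404. Registration also sends the real `process.env.GEMINI_API_KEY` for both throwaway accounts, so a dedicated test key would be safer than the developer's own.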